Installing Metasploit Framework on CentOS/RHEL 6

 All command in the guide need to be ran as root. To switch to root and have all the proper variables run:

su -

Installing Dependencies

We start by making sure that we have the latest packages by updating the system using yum:

yum update

yum upgrade

Now that we know that we are running an updated system we can install all the dependent packages that are needed by Metasploit Framework:

yum groupinstall 'Development Tools'

yum install sqlite-devel libxslt-devel libxml2-devel java-1.7.0-openjdk libpcap-devel nano openssl-devel zlib-devel libffi-devel gdbm-devel readline-devel nano wget  

Installing Ruby 1.9.3

CentOS/RHEL is a solid operating system but sadly it does not tend to run the latest in term of packages so we have to compile and install by hand the YAML and Ruby 1.9.3 software.

First we download and install the latest version of YAML

cd /usr/src

wget http://pyyaml.org/download/libyaml/yaml-0.1.4.tar.gz

tar zxf yaml-0.1.4.tar.gz

cd yaml-0.1.4

./configure --prefix=/usr/local

make && make install

Now we download and install the latest version of Ruby 1.9.3

cd /usr/src

wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p374.tar.gz

tar xvzf ruby-1.9.3-p374.tar.gz

 

cd ruby-1.9.3-p374

 ./configure --prefix=/usr/local --with-opt-dir=/usr/local/lib

make & make install

#CentoS6安装 ruby-1.9.3- 报错: EC_GROUP_new_curve_GF2m,问题原因：

由于redhat新版本默认openssl的配置变更取消了对EC_xx的支持，所以出现该错误。

解决方法参照另外一篇博文.

Installing Nmap

One of the external tools that Metasploit uses for scanning that is not included with the sources is Nmap. Here we will cover downloading the latest source code for Nmap, compiling and installing:

cd /usr/src

svn co https://svn.nmap.org/nmap

cd nmap

./configure

make

make install

make clean

Configuring Postgre SQL Server

The version that comes with CentOS/RHEL is quite old so we need to modify our system to install the latest from PostgreSQL directly. Open /etc/yum.repos.d/CentOS-Base.repo and add to the [base] and [update] sections:

exclude=postgresql*

Now we can install the Postgres official repository for CentOS 6 x64:

wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-centos92-9.2-6.noarch.rpm

rpm -ivh pgdg-centos92-9.2-6.noarch.rpm

for X86 download: http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-redhat92-9.2-7.noarch.rpm

Fot RHEL 6 x64

 

wget http://yum.postgresql.org/9.2/redhat/rhel-6-x86_64/pgdg-redhat92-9.2-7.noarch.rpm

rpm -ivh pgdg-redhat92-9.2-7.noarch.rpm

for x86 download http://yum.postgresql.org/9.2/redhat/rhel-6-i386/pgdg-centos92-9.2-6.noarch.rpm

To install Postgres and the necessary files we use yum:

yum update

yum install postgresql92-server postgresql92-devel postgresql92

Now we initialize the server and configure it for automatic startup:

service postgresql-9.2 initdb

service postgresql-9.2 start

chkconfig postgresql-9.2 on

For when we compile the necessary gem for ruby we need to add the new install to our path so the compiler can find the binaries and libraries:

echo export PATH=/usr/pgsql-9.2/bin:\$PATH >> /etc/bashrc

source ~/.bashrc

We start by switching to the Postgres user so we can create the user and database that we will use for Metasploit

su - postgres

Now we create the user and Database, do record the database that you gave to the user since it will be used in the database.yml file that Metasploit and Armitage use to connect to the database.

createuser msf -P -S -R -D

createdb -O msf msf

exit

exit

To allow the user we created to connect to Postgres we need to add to /var/lib/pgsql/9.2/data/pg_hba.conf file the following lines above the rest of the other configured settings:

 

 

local   msf msf md5

host  msf   msf 127.0.0.1/8 md5

host  msf   msf ::1/128 md5

Restart the service:

#注意:直接添加的需要注释掉默认设置

service postgresql-9.2 start

Installing Metasploit Framework

Once the packages have been install we need to install the required Ruby libraries that metasploit depends on:

gem install wirble pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler

We will download the latest version of Metasploit Framework via Git so we can use msfupdate to keep it updated:

cd /opt

git clone https://github.com/rapid7/metasploit-framework.git  

cd metasploit-framework

Lets create the links to the commands so we can use them under any user and not being under the framework folder:

bash -c 'for MSF in $(ls msf*); do ln -s /opt/metasploit-framework/$MSF /usr/local/bin/$MSF;done'

ln -s /opt/metasploit-framework/armitage /usr/local/bin/armitage

From the Metasploit-Framework folder lets use the Bundler Gem to install the properly supportted Gem versions:

bundle install

########################################################

bundle install 失败,前面没有安装:

需要安装Bundler Gem

gem install bundler

特别注意！！！

安装好Ruby和bundle后，做如下操作，否则后面会被一堆的：

sudo: gem: command not found和

 

/usr/bin/env: ruby: No such file or directory, Could not locate Gemfile

给累死，切记！！！

需要做的操作：

ln -s /usr/local/bin/ruby /usr/bin/ruby 

ln -s /usr/local/bin/gem /usr/bin/gem

ln -s /usr/local/bin/bundle /usr/bin/bundle

参考:http://tz100.me/494.html

######################################################

Lets create the database.yml file that will contain the configuration parameters that will be use by framework:

nano /opt/metasploit-framework/database.yml

Copy the YAML entries and make sure you provide the password you entered in the user creating step in the password field for the database:

production:

   adapter: postgresql

   database: msf

   username: msf

   password: 

   host: 127.0.0.1

   port: 5432

   pool: 75

   timeout: 5

Create and environment variable so it is loaded by Armitage and by msfconsole when running and load the variable in to your current shell:

echo export MSF_DATABASE_CONFIG=/opt/metasploit-framework/database.yml >> /etc/bashrc

source ~/.bashrc

Install the pcaprun gem so we can use the portscanning modules:

cd /opt/metasploit-framework/external/pcaprub

#我机器的位置在

 

/usr/local/lib/ruby/gems/1.9.1/gems/pcaprub-0.11.3/ext/pcaprub

ruby extconf.rb && sudo make && sudo make install

First Run

Now we are ready to run Metasploit for the first time. My recommendation is to run it first under a regular user so the folders create under your home directory have the proper permissions. First time it runs it will create the entries needed by Metasploit in the database so it will take a while to load.

msfconsole

 

​